OSX.Dummy depends on substantial help from an unwary victim.
A new strain of macOS malware is targeting those who like to discuss their cryptocurrency investing in Slack or Discord groups.
It depends on a certain level of naiveté on the part of the victim - a level that resulted in the strain being labeled OSX.Dummy.
The social engineering attack presents a request from a user identifying themselves as an administrator of the group.
They ask the victim to run a lengthy command in a terminal window, then ignore the 34 Mbyte file that is downloaded.
The file is a large Mach-O 64-bit binary (34M), rating a perfect score of 0 / 60 on VirusTotal, meaning no scanning engine there flagged it.
If the victim does both of these things, they find that their Macintosh has been hijacked by a hacker using a C&C server in the Netherlands.
In a comment supplied to Dark Reading, Ryan Benson, senior threat researcher at Exabeam, said, "A lot of otherwise non-technical people have jumped on the cryptocurrency bandwagon and want to get involved.
Cryptocurrencies are inherently technical, so these less-technical users may be used to following technical how-tos without really understanding what the commands they run are doing.
This puts them in dangerous territory and ripe for an attack like this, even if it is 'dumb.'"
Source:
New Malware Strain Targets Cryptocurrency Fans Who Use Macs